Disconnect policy for distributed computing systems

US 6,412,077 B1
Filed: 01/14/1999
Issued: 06/25/2002
Est. Priority Date: 01/14/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method for performing a disconnect policy that involves authorizing a data communication session between a client and a first server, the method comprising the computer-implemented steps of:

determining that a second server cannot communicate with a third server that is normally responsible for authorizing the session;

receiving a request to establish a session for a particular entity associated with the client;

determining whether the third server is an authoritative server for the entity;

if the third server is the authoritative server for the entity, then determining at the second server whether the session should be established for the entity; and

determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism for performing a disconnect policy involving authorizing a data communication session between a client and a first server is disclosed. The mechanism provides a failover scheme in which local servers record the number of active sessions that they have authorized for a particular user entity. Each user entity is assigned an authoritative server. The authoritative servers maintain global session information for each user entity in which they are assigned. When a local server cannot authorize a session for a particular user entity the local server communicates with the authoritative server to determine whether a session should be established for the user entity. If communication is lost between a local server and an authoritative server, the local server assumes that no other servers have authorized active sessions for the particular user entity. In a similar manner, the authoritative server assumes that the local server has not authorized any active sessions for the particular entity. Thus, both the local server and the authoritative server may independently authorize sessions for the user entity.

When communication is re-established between the local server and the authoritative server, the servers exchange information to recreate the current state. If it is determined that too many active sessions have been established for user entity, further authorization requests from the user entity are denied until the number of active sessions is reduced below an acceptable level. This, failover scheme removes the need for redundant servers and instead distributes the burden of redundancy to the local servers where communication problems are far less likely to occur.

Citations

24 Claims

1. A method for performing a disconnect policy that involves authorizing a data communication session between a client and a first server, the method comprising the computer-implemented steps of:
- determining that a second server cannot communicate with a third server that is normally responsible for authorizing the session;
  
  receiving a request to establish a session for a particular entity associated with the client;
  
  determining whether the third server is an authoritative server for the entity;
  
  if the third server is the authoritative server for the entity, then determining at the second server whether the session should be established for the entity; and
  
  determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method as recited in claim 1, wherein the second server is a local distribution session counter that is non-authoritative in relation to the client and the third server is an authoritative session counter that is authoritative in relation to the client.
  - 3. The method as recited in claim 1, further comprising the steps of:
4. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes,a local session established counter value that indicates a first number of sessions that have been authorized for the particular entity by the second server and which are still currently active;
- and an allocated sessions threshold value that indicates a second number of sessions that have been allocated for the particular entity.
5. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes,a local session counter value that indicates a third number of sessions that are currently active for the particular entity;
- and a local session threshold value that indicates a fourth number of sessions that may be currently active before sessions cannot be authorized locally by the second server.
6. The method as recited in claim 1, further comprising the steps of storing and maintaining data that is associated with the second server, wherein the data includes an authoritative distribution session counter identifier that identifies an authoritative server that maintains global session information for authorizing sessions for the entity.
7. The method a s recited in claim 1, wherein the step of determining at the second server whether the session should be established for the particular entity comprises the steps of:
- determining a local session established counter value that indicates a first number of sessions that have been authorized for the particular entity by the second server and which are still currently active;
  
  determining an allocated sessions threshold value that indicates a second number of sessions that have been allocated for the particular entity; and
  
  comparing the local session established counter value with the allocated sessions threshold value to determine whether the session should be established for the particular entity.
8. The method as recited in claim 7, wherein the step of comparing comprises the steps of:
- if the value of the local session established counter is less than the value of the allocated sessions threshold then determining that the session should be established.
9. The method as recited in claim 1, further comprising the steps of:
- if the third server is not the authoritative server for the entity, then determining whether the session can be locally authorized at a second server;
  
  if authorization of the session can be performed locally at the second server, then informing the first server that the session may be established between the client and the first server for the entity; and
  
  informing a fourth server that the session has been authorized to be established for the entity, wherein the fourth server is the authoritative server for the entity.
10. The method as recited in claim 9, further comprising the steps of:
- if authorization of the session cannot be performed locally at the second server then, requesting the fourth server to authorize the session between the client and the first server; and
  
  informing the first server, based on a response received from the fourth server, whether the session may be authorized.
11. The method as recited in claim 9, wherein the step of determining whether authorization of the session can be performed locally at the second server comprises the steps of:
- determining a local session counter value that indicates a third number of sessions that are currently active for the particular entity;
  
  determining a local session threshold value that indicates a threshold as to a fourth number of sessions that may be currently active before sessions cannot be authorized locally by the second server; and
  
  comparing the local session counter value with the local session threshold value to determine whether authorization of the session can be performed locally at the second server.
12. The method as recited in claim 1, further comprising the steps of:
- prior to determining that said second server cannot communicate with said third server, receiving from the third server a global session threshold value that indicates a fifth number of sessions that have been allocated for the entity; and
  
  storing the global session threshold value in a portion of memory that is associated with the second server.
13. The method as recited in claim 1, further comprising the steps of:
- after determining that the second server can again communicate with the third server, sending session information from the second server to the third server, wherein the session information indicates a sixth number of sessions that have been authorized for the particular entity by the second server and which are currently active.

14. A method for performing a disconnect policy involving authorizing, after a failure, a data communication session between a client and a first server, the method comprising the computer-implemented steps of:
- after the failure, determining that a second server cannot communicate with a third server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
  
  upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.

15. A method for performing a disconnect policy involving broadcasting, after a failure, session information to one or more servers, the method comprising the computer-implemented steps of:
- after the failure, determining that a first server cannot communicate with a second server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
  
  determining whether one or more other servers have previously authorized sessions for the particular entity; and
  
  if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value.
- View Dependent Claims (16, 17, 18)
- - 16. The method as recited in claim 15, further comprising the computer-implemented steps of:
17. The method as recited in claim 16, wherein the step of receiving the request comprises the step of receiving a connection request that requests authorization to establish a Point-to-Point Protocol session between the client and the first server.
18. The method as recited in claim 15, wherein:
- prior to the failure, maintaining data that is associated with the first server, wherein the data includes a server list, wherein the server list identifies servers that have previously authorized sessions for the particular entity; and
  
  for each server identified, a session counter value that indicates a third number of sessions that it has authorized and which are currently active for the particular entity.

19. A computer-readable medium carrying one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- after the failure, determining that a second server cannot communicate with a third server;
  
  receiving a request to establish a session for a particular entity, wherein the particular entity is associated with the client;
  
  determining whether the third server is assigned as an authoritative server for the particular entity;
  
  if the third server is assigned as the authoritative server for the particular entity, then determining at the second server whether the session should be established for the particular entity;
  
  determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.

20. A computer-readable medium carrying one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- determining that a second server cannot communicate with a third server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
  
  upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.

21. A computer-readable medium carrying one or more sequences of instructions for broadcasting, after a failure, session information to one or more servers, wherein execution of the one or more sequences of instructions by one or more processors causes the one or more processors to perform the steps of:
- determining that a first server cannot communicate with a second server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
  
  determining whether one or more other servers have previously authorized sessions for the particular entity; and
  
  if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value.

22. A computer apparatus comprising:
- a processor; and
  
  a memory coupled to the processor, the memory containing one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
  
  after the failure, determining that a second server cannot communicate with a third server;
  
  receiving a request to establish a session for a particular entity, wherein the particular entity is associated with the client;
  
  determining whether the third server is assigned as an authoritative server for the particular entity; and
  
  if the third server is assigned as the authoritative server for the particular entity, then determining at the second server whether the session should be established for the particular entity; and
  
  determining to establish the session for the entity only upon determining that a then-current count of sessions maintained only by the second server is less than a total number of sessions that have been allocated for the entity.

23. A computer apparatus comprising:
- a processor; and
  
  a memory coupled to the processor, the memory containing one or more sequences of instructions for authorizing, after a failure, a data communication session between a client and a first server, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
  
  determining that a second server cannot communicate with a third server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the third server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity; and
  
  upon receiving a request to authorize a session for the particular entity, determining whether the session should be established by comparing the global session counter value with a global session threshold value, wherein the global session threshold indicates a second number of sessions that have been allocated for the particular entity is associated.

24. A computer apparatus comprising:
- a processor; and
  
  a memory coupled to the processor, the memory containing one or more sequences of instructions for broadcasting, after a failure, session information to one or more servers, wherein execution of the one or more sequences of instructions by the processor causes the processor to perform the steps of;
  
  determining that a first server cannot communicate with a second server;
  
  identifying one or more sessions that were authorized by the second server and which are currently active for a particular entity, wherein the first server is assigned as an authoritative server for the particular entity;
  
  calculating a global session counter value that indicates a first number of sessions that are currently active for the particular entity, wherein the global session counter value does not include the one or more sessions that have been authorized by the second server and which are currently active for the particular entity;
  
  determining whether one or more other servers have previously authorized sessions for the particular entity; and
  
  if one or more other servers have previously authorized sessions for the particular entity, then informing the one or more other servers of the calculated global session counter value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Roden, Thomas Anthony, Knight, John, Cates, David
Primary Examiner(s)
Beausoleil, Robert
Assistant Examiner(s)
Bonzo, Bryce P.

Application Number

US09/231,920
Time in Patent Office

1,258 Days
Field of Search

714/4, 714/43, 709/229, 709/239
US Class Current

714/4.21
CPC Class Codes

H04L 63/102   Entity profiles

H04L 67/14   Session management for real...

H04L 67/141   Setup of application sessio...

H04L 67/60   Scheduling or organising th...

Disconnect policy for distributed computing systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Disconnect policy for distributed computing systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links